Four Characteristics of Top-Notch Threat Intelligence

Threat intelligence is a hot topic these days and was arguably one of the top themes of RSA Conference 2016. However, organizations need to realize that simply having more data about the latest threats, vulnerabilities, and exploits is not the answer to all their cybersecurity problems. On the contrary, threat intelligence is only helpful if…

The Criminal Appeal of Advanced Ransomware: How Can Companies Protect Their Files?

Advanced ransomware—malicious software designed to take control of a computer system and hold it hostage until the victims pay for its release—is one of the fastest-growing areas of cybercrime. Another closely related threat is cyberextortion, where attackers threaten to cause harm to a company by releasing sensitive information to the public or sustaining distributed denial-of-service…

Identity for Modern IT: A New Appreciation for User Experience

The following is a simple analysis that puts into perspective the user experience of modern IT that organizations typically require their users to endure: Imagine a midsize enterprise with 1,000 users, each of whom has between one and three devices that connect to the enterprise infrastructure. Each user has installed between 25 and 100 applications…

Advanced Detection Methods: Tips for Detecting Potential Insider Threat

In the new era of information security, traditional controls designed to deter attackers and protect assets are being augmented by advanced detection methods and new capabilities for response and remediation. The fundamental idea is to monitor the activities and behaviors taking place within your organization’s systems, applications, and data, then use this information to distinguish…

A Trip Report from RSA Conference 2016: Modern Identity Management

For anyone who went to RSA Conference 2016 to get updated on the state of modern identity management technologies and practices, you undoubtedly got your money’s worth and came back to your office with plenty of ideas on how to improve your organization’s approach. Given its foundational role in information security, the topic of identity…

Identity for Modern IT: Balancing Provisioning and Integration in IAM

With the introduction of RSA Via Lifecycle and Governance 7.0, RSA Vice President of Engineering and Product Management Jim Ducharme emphasized “make it easy” as one of the four main themes for this latest release, particularly in the areas of onboarding new users and integrating new applications. Research from the Aberdeen Group on identity and…

How to Manage Third-Party Risk Before, During, and After Signing a Service-Level Agreement

One of the great things about events such as the Next-Generation Security Summit is the opportunity to network and share information with security leaders from multiple industries. In recent sessions, third-party risk has been a particularly hot topic. In the banking industry, this discussion is being driven in large part by the US Office of…

Managing Third-Party Security Risk Requires Regular Reassessments

Even if your business partners’ security policies and processes were thoroughly reviewed at the beginning of your relationship, third-party security risk management requires regular reassessments to ensure the appropriate levels of security, privacy, compliance, and resiliency are being maintained. How Often to Reassess Security Risk Experts agree that signing a business agreement is not the…

Incident Response Roundup: 5 Facets of Top Performers

An Aberdeen Group analysis of current enterprise practices for managing privileged access provides a powerful illustration of how better visibility and operational forensics can not only help with more effective incident response (IR), but also point the way to high-impact improvements in specific security practices and technical controls. The Importance of Qualitative, Risk-Based Analysis In…

Operational Forensics and Visibility: It’s About Time

The information security community is well aware of the current state of play between attackers and defenders. Attackers are quick to gain access to enterprise systems and quick to start getting enterprise data out, whereas defenders have been painfully slow to detect threats, then respond and recover. The fact-based analysis and insights that are now…